Vulnerability Description
PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other users, including administrative privileges, by setting the authuser cookie parameter to a valid username.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpeasycode | Pad Site Scripts | 3.6 |
Related Weaknesses (CWE)
References
- http://osvdb.org/54593
- http://secunia.com/advisories/35155Vendor Advisory
- http://www.securityfocus.com/bid/35027Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50622
- https://www.exploit-db.com/exploits/8735
- http://osvdb.org/54593
- http://secunia.com/advisories/35155Vendor Advisory
- http://www.securityfocus.com/bid/35027Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50622
- https://www.exploit-db.com/exploits/8735
FAQ
What is CVE-2009-1739?
CVE-2009-1739 is a vulnerability with a CVSS score of 7.5 (HIGH). PAD Site Scripts 3.6 allows remote attackers to bypass authentication and gain privileges as other users, including administrative privileges, by setting the authuser cookie parameter to a valid usern...
How severe is CVE-2009-1739?
CVE-2009-1739 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1739?
Check the references section above for vendor advisories and patch information. Affected products include: Phpeasycode Pad Site Scripts.